http://bruteforce.gr/honeybox Honeybox is a distro that contains numerous honeypot software, all on a single box. Additionally, the distro preconfigures the honeypot to utilize some of the many enhancements Brutforce Labs have created for these honeypots.

*If at home, to make this accessible from the internet you will need to enable port forwarding at your modem, and potientially your Virtual Machine software.

Usage:

kippo/kippo.cfg : Main configuration file

kippo/honeyfs : This is the fake filesystem that wll be presented to the user.

kippo/data/userdb.txt : This file allows us to modify the username and password combinations that will work when attackers attempt to log into the honeypot.

kippo/log/tty/ : In this directory you will find the logs for each session established by attackers.

./start.sh

- will start kippo

/kippo/utils/playlog.py : Replay an attacker session from the kippo/log/tty directory.

Usage: playlog.py [-bfhi] [-m secs] [-w file] <tty-log-file>

-f keep trying to read the log until it's closed

-m <seconds> maximum delay in seconds, to avoid boredom or fast-forward to the end. (default is 3.0)

-i show the input stream instead of output

-b show both input and output streams

-c colorify the output stream based on what streams are being received